Editor’s Note: The Congressional Research Service report, Cybersecurity Issues for the Bulk Power System R43989 is available here. The following is an excerpt.
Evaluating and Improving Electricity Subsector Cybersecurity
As noted above, the bulk electric system has mandatory standards for critical infrastructure cybersecurity that NERC proposes, and FERC approves (or may modify and remand back to NERC). Industry compliance with these standards may be enough to prevent fines, but the question is whether existing mandatory standards result in a cybersecure grid. The grid has reportedly experienced intrusions to SCADA systems, which could possibly compromise systems operations. While the exact details and location have not been revealed, the cyberattacks demonstrate potential threats to grid reliability. Although some may believe the risks of a major cyberattack on the grid are small, FERC is obligated to consider CIP and cybersecurity as part of its reliability mandate. This section will summarize current concepts for evaluating and improving electricity subsector cybersecurity.
Leave a Reply